<?php

$ip = $_SERVER['REMOTE_ADDR'];
$new_wallet = false;

if (isset($_POST["id"])) 
{

include("cgi/mysqli_connect_read.php");

$id = mysqli_real_escape_string($con,$_POST["id"]);

// Check connection
if (mysqli_connect_errno())
	{
	echo "Failed to connect to MySQL: " . mysqli_connect_error();
	}

$result = mysqli_query($con,"SELECT address FROM wallets WHERE id = '$id'");

if (mysqli_num_rows($result) == 1)
	{

	$row = mysqli_fetch_array($result);
	  
	$address = $row['address'];

	$btc = file_get_contents("https://blockchain.info/q/addressbalance/$address?confirmations=1");
	$btc = $btc/100000000;
	}
	else
	{
	$id = "INVALID ID";
	$address = "None";
	$btc = "None";	
	}
}

else
{
$data = explode(" ", file_get_contents("https://blockchain.info/q/newkey"));
$id = substr(hash("sha1",$data[1]), 0, 24);

$address = $data[0];
$private_key = $data[1];

$btc = file_get_contents("https://blockchain.info/q/addressbalance/$address?confirmations=1");

$btc = $btc/100000000;

include ("cgi/mysqli_connect_read.php");

$wallets_this_hour = mysqli_query($con,"SELECT id FROM wallets WHERE time_stamp > DATE_SUB(UTC_TIMESTAMP(),INTERVAL 1 HOUR) AND ip = '$ip';");

if (mysqli_num_rows($wallets_this_hour) < 10)
	{
	include("cgi/mysqli_connect_write.php");

	// Check connection
	if (mysqli_connect_errno())
	  {
	  echo "Failed to connect to MySQL: " . mysqli_connect_error();
	  }

	mysqli_query($con,"INSERT INTO wallets (id, address, private_key,time_stamp,ip) 
	VALUES ('$id', '$address', '$private_key', now(), '$ip')");
	mysqli_close($con);
	
	$new_wallet = true;
	}
else
	{
	$id = "WALLET SPAM BLOCKER";
	$address = "None";
	$btc = "None";	
	}
}
?>

<html>
	<head>
	<link rel="icon" type="image/png" href="images/favicon.png" />
	<link href="style.css" rel="stylesheet" type="text/css" />
	<title>Express Wallet</title>
	</head>
	
<body>
			<?php include("includes/header.html");?>
			<br />
			<?php include("includes/navigation.html");?>
			<div id="title">
			Wallet ID: <?php echo $id?>
			</div>			
			<div id="content">
				<p>
				Address: <?php echo '<a href="https://blockchain.info/address/' . $address . '">' . $address . '</a>'?>
				<br>
				<div class="subcontent half">
					<h3>Balance: <?php echo $btc?> BTC</h3>
					<i style="font-size: 9px;">Deposits updated after 1 confirms.</i>
				</div>
				<br>
				<div class="subcontent half">
					<h3>Send BTC:</h3>
					<br>
					<form action="/send_funds.php" method="POST">
						<input type="hidden" id="id" name="id" value=<?php echo $id?>>
						To: 
						<input type="text" id="address" name="address" placeholder="Bitcoin Address" style="float:right;width:260px;text-align:center;">
						<br>
						<br>
						<label for="amount">Amount:</label>
						<input type="number" min="0.0001" step="0.0001" value="0" id="amount" name="amount" style="float:right;width:120px;text-align:right;">
						<br>
						<br>
						<input type="submit" class="button green" value="SEND">
					</form>		
				</div>
				<br>
				Warning: This site is in beta testing as should not be used to store large amounts of bitcoins!
				Make sure you save your ID as you cannot regain access to your account without it!
				<br>				
			</div>
			<br />
			<?php include("includes/footer.html");?>	
	</body>
</html>

<?php 
if ($id == "WALLET SPAM BLOCKER") echo "<script>alert('Warning, you have created more than 10 address this hour.  Please wait an hour and try again.')</script>";
if ($new_wallet == true) echo "<script>alert('Please store your wallet ID in a secure location as you will be unable to access your account without it.')</script>";
?>